vulnerable

Despite Patching, Citrix ADC and Gateways Remain Vulnerable to Backdoors

by
Despite Patching, Citrix ADC and Gateways Remain Vulnerable to Backdoors

Researchers from Fox-IT, part of the NCC Group, have found that adversaries have planted web shells on vulnerable Citrix NetScaler Application Delivery Controllers (ADCs) and Citrix NetScaler Gateways to maintain remote access and execute commands even after the devices have been updated or rebooted. The presence of these web shells allows attackers to modify NetScaler … Read more

Citrix NetScaler Devices Vulnerable to Zero-Day Exploits

by
Citrix NetScaler Devices Vulnerable to Zero-Day Exploits

Citrix has issued a warning to its customers using NetScaler ADC and NetScaler Gateway appliances regarding two zero-day vulnerabilities that are actively being exploited in the wild. These vulnerabilities, known as CVE-2023-6548 and CVE-2023-6549, can allow attackers to carry out remote code execution and denial of service attacks on affected devices. The NetScaler ADC and … Read more

Citrix NetScaler ADC and Gateway Vulnerable to New Zero-Day Attacks, Warns TechTarget

by
Citrix NetScaler ADC and Gateway Vulnerable to New Zero-Day Attacks, Warns TechTarget

Citrix’s NetScaler ADC and NetScaler Gateway products have been targeted once again by two new zero-day vulnerabilities. The vulnerabilities, known as CVE-2023-6549 and CVE-2023-6548, were recently disclosed and patched. CVE-2023-6549 is considered a high severity denial of service flaw, while CVE-2023-6548 allows for remote code execution in management interfaces by authenticated attackers. Exploits for these … Read more

VMware pushes admins to uninstall vulnerable, deprecated vSphere plugin (CVE-2024-22245, CVE-2024-22250) – Help Net Security

by
VMware pushes admins to uninstall vulnerable, deprecated vSphere plugin (CVE-2024-22245, CVE-2024-22250) – Help Net Security

VMware Enhanced Authentication Plug-in (EAP), a plugin for VMware vSphere, has two vulnerabilities (CVE-2024-22245, CVE-2024-22250) that could be exploited by attackers to mount authentication relay and session hijack attacks. The vulnerabilities haven’t been and won’t be fixed. Instead, VMware is urging admins to remove the EAP plugin, whose deprecation was announced back in 2021. About … Read more

VMware urges admins to remove deprecated, vulnerable auth plug-in

by
VMware urges admins to remove deprecated, vulnerable auth plug-in

VMware urged admins today to remove a discontinued authentication plugin exposed to authentication relay and session hijack attacks in Windows domain environments via two security vulnerabilities left unpatched. The vulnerable VMware Enhanced Authentication Plug-in (EAP) enables seamless login to vSphere’s management interfaces via integrated Windows Authentication and Windows-based smart card functionality on Windows client systems. VMware … Read more